CISSP passed after 30 days.
So I should preface, I've been in Security for 15 years, manager for
the last 8 or so. Kept putting off my CISSP, due to life and other
stuff. I got my CEH two years ago as my boss wanted all my staff to have
it, so I figured lead by example. He also wanted me to have the CISSP, so I've finally obliged.
My main study was the updated Shon Harris book on google play, which I will admit I skimmed. ITProTV (which my work pays for) has a CISSP accelerated course, which I watched right the way through... at 1.5-1.8 speed. Re-watched episodes I wasn't sure of. Then Boson Exams to verify weak areas and restudy, if it wasn't in my notes I'd look in the book or simply write out the explanation from Boson. I also used the CISSP flashcards that were on quizlet and the free apps rocket prep and CISSP flash card (I don't think the free ones were that valuable.)
Got lots of questions on SDLC, asset management and risk assessments, a couple on OSI and TCP/IP in models. I knew security models backwards and didn't get any questions on it
The below videos were suggested by someone on here, and I think they helped immensely.
https://www.youtube.com/watch?v=-99b1YUFx0A
A bit from my notes below that was super valuable from the above videos.
Be a risk advisor/manager, don't fix problems don't look at technical in questions. Physical safety is always the first choice. Pick the option that is cheapest to solve the problem Plan, do, check, act. Which phase is the question in.
Happy to answer any questions.
Wondering what to do next. I want to start an IT Security masters next year, and they give a subject credit each for the Security+ (which I never got, but doing the practice exams I get 90+%), the CISM, and the CRISC. Thinking I might go CISM next, any suggestions?
"Brain does not meet certification requirements, please install more certifications" Me
Currently Studying: Cyber Security masters and ISC2 CCSP.
Security blog; http://security.morganstorey.com
Comments
-
UnixGuy Mod Posts: 4,570 ModI would do CISM next, given your background.
Congrats! I might do the same with CISSP, been putting it off and every time I attempt to read anything just get bored. Maybe next year if I find myself with nothing else to do (big IF..)
-
COBOL_DOS_ERA Member Posts: 205 ■■■■■□□□□□Congrats on the pass!! Do CISM first, followed by CRISC.CISM, CRISC, CGEIT, PMP, PMI-ACP, SEC+, ITIL V3, A-CSM. And Many More.
-
changlinn Member Posts: 42 ■■■□□□□□□□Thanks all for your comments.
@UnixGuy Yeah I got bored too.. watching the accelerated ITProTV course at 1.8 speed meant I stayed interested :P
A+, C|EH, CISSP, CISM, CRISC, GSTRT, MCSA:Messaging, MCSE:Security
"Brain does not meet certification requirements, please install more certifications" Me
Currently Studying: Cyber Security masters and ISC2 CCSP.
Security blog; http://security.morganstorey.com -
stryder144 Member Posts: 1,684 ■■■■■■■■□□Congratulations! I am starting my CISSP path right now and I, too, get bored easily. I will check out the video links you posted.The easiest thing to be in the world is you. The most difficult thing to be is what other people want you to be. Don't let them put you in that position. ~ Leo Buscaglia
Connect With Me || My Blog Site || Follow Me -
changlinn Member Posts: 42 ■■■□□□□□□□@stryder144 The ITProTV accelerated course was a godsend for me, I knew a lot of the stuff, but running it 1.5-1.7 speed in VLC meant I could slow it down when I needed to. I downloaded them all and had them running on this speed in one monitor while taking notes in the other. Good luck
A+, C|EH, CISSP, CISM, CRISC, GSTRT, MCSA:Messaging, MCSE:Security
"Brain does not meet certification requirements, please install more certifications" Me
Currently Studying: Cyber Security masters and ISC2 CCSP.
Security blog; http://security.morganstorey.com -
sfportaro Member Posts: 34 ■■■□□□□□□□I am glad that IIProTV helped somebody. I found it to be a waste of time and money.
Congratulations!
-
changlinn Member Posts: 42 ■■■□□□□□□□Helped me get my CEH and CISM... so I don't think they're too bad.
A+, C|EH, CISSP, CISM, CRISC, GSTRT, MCSA:Messaging, MCSE:Security
"Brain does not meet certification requirements, please install more certifications" Me
Currently Studying: Cyber Security masters and ISC2 CCSP.
Security blog; http://security.morganstorey.com